qnap
635 tracked vulnerabilities.
CVE-2025-62851
MEDIUM
Qnap Systems Inc. License Center < 1.9.56 - Path Traversal
Jun 10, 2026
CVSS 4.4
EPSS 0.00
CVE-2025-62850
HIGH
Qnap Systems Inc. QuTS Hero - Denial of Service
Jun 10, 2026
CVSS 7.2
EPSS 0.00
CVE-2025-66276
CRITICAL
QTS 4.3.x - NFS Access Control Misconfiguration
Jun 10, 2026
CVSS 9.8
EPSS 0.00
CVE-2025-62858
MEDIUM
QNAP Systems - QTS, QuTS Hero
Jun 09, 2026
CVSS 6.5
EPSS 0.00
CVE-2025-62846
MEDIUM
QNAP QuRouter < 2.6.2.007 - Local Admin SQL Injection
Mar 20, 2026
CVSS 6.7
EPSS 0.00
CVE-2025-62845
MEDIUM
QNAP QuRouter < 2.6.3.009 - Local Admin Control Sequence Injection
Mar 20, 2026
CVSS 6.7
EPSS 0.00
CVE-2025-62844
MEDIUM
QNAP QuRouter < 2.6.2.007 - Weak Authentication Information Disclosure
Mar 20, 2026
CVSS 5.5
EPSS 0.00
CVE-2025-62843
MEDIUM
QNAP QuRouter < 2.6.3.009 - Physical Endpoint Privilege Bypass
Mar 20, 2026
CVSS 6.8
EPSS 0.00
CVE-2025-59383
CRITICAL
Media Streaming Add-on < 500.1.1 - Stack-Based Buffer Overflow
Mar 20, 2026
CVSS 9.1
EPSS 0.00
CVE-2025-59388
CRITICAL
Hyper Data Protector <2.3.1.455 - Auth Bypass
Mar 12, 2026
CVSS 9.8
EPSS 0.00
CVE-2025-68406
MEDIUM
Qsync Central 5.0.0.0-5.0.0.3 - Authenticated Path Traversal
Feb 11, 2026
CVSS 6.5
EPSS 0.01
CVE-2025-66278
MEDIUM
File Station 5 <5.5.6.5190 - Path Traversal
Feb 11, 2026
CVSS 6.5
EPSS 0.00
CVE-2025-66277
CRITICAL
QNAP QTS and QuTS hero - Unauthenticated Path Traversal via Symbolic Link Following
Feb 11, 2026
CVSS 9.8
EPSS 0.01
CVE-2025-66274
MEDIUM
QNAP QuTS hero - Denial of Service via NULL Pointer Dereference
Feb 11, 2026
CVSS 4.9
EPSS 0.00
CVE-2025-62856
MEDIUM
QNAP File Station 5.5.6.4691-5.5.6.5190 - Authenticated Path Traversal
Feb 11, 2026
CVSS 4.4
EPSS 0.00
CVE-2025-62855
MEDIUM
QNAP File Station 5.5.6.4691-5.5.6.5190 - Authenticated Path Traversal
Feb 11, 2026
CVSS 4.4
EPSS 0.00
CVE-2025-62854
MEDIUM
QNAP File Station 5.5.6.4691-5.5.6.5190 - Authenticated Denial of Service
Feb 11, 2026
CVSS 6.5
EPSS 0.01
CVE-2025-62853
MEDIUM
QNAP File Station 5.5.6.4691-5.5.6.5165 - Authenticated Path Traversal
Feb 11, 2026
CVSS 6.5
EPSS 0.01
CVE-2025-59386
MEDIUM
QNAP QuTS hero - Denial of Service via NULL Pointer Dereference
Feb 11, 2026
CVSS 4.9
EPSS 0.00
CVE-2025-58472
MEDIUM
Qsync Central 5.0.0.0-5.0.0.3 - Authenticated Denial of Service via NULL Pointer Dereference
Feb 11, 2026
CVSS 4.9
EPSS 0.01
CVE-2025-58471
MEDIUM
Qsync Central 5.0.0.0-5.0.0.3 - Authenticated Denial of Service via Resource Exhaustion
Feb 11, 2026
CVSS 4.9
EPSS 0.00
CVE-2025-58470
MEDIUM
Qsync Central <5.0.0.4 - Path Traversal
Feb 11, 2026
CVSS 6.5
EPSS 0.01
CVE-2025-58467
MEDIUM
Qsync Central <5.0.0.4 - Path Traversal
Feb 11, 2026
CVSS 6.5
EPSS 0.00
CVE-2025-58466
MEDIUM
QNAP QTS and QuTS hero - Use of Uninitialized Variable
Feb 11, 2026
CVSS 4.9
EPSS 0.01
CVE-2025-57713
HIGH
File Station 5 <5.5.6.5166 - Info Disclosure
Feb 11, 2026
CVSS 7.5
EPSS 0.01
Products
qts 283
quts_hero 234
qsync_central 62
qutscloud 62
file_station 54
photo_station 26
video_station 15
media_streaming_add-on 13
music_station 13
qumagie 13
qurouter 12
helpdesk 11
qvr 10
qulog_center 8
nas_proxy_server 7
q\'center 7
hybrid_backup_sync 6
license_center 6
notes_station_3 6
qvr_pro 6
multimedia_console 5
qunetswitch 5
qvr_elite 5
qvr_guard 5
qes 4
download_station 3
qcalagent 3
qufirewall 3
qvp-21a_firmware 3
qvp-41a_firmware 3
Quick Filters